New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium McAfee MA0-104 Dumps Questions Answers

Page: 1 / 3
Total 70 questions

Intel Security Certified Product Specialist Questions and Answers

Question 1

How often does the configuration and policy data from the primary Enterprise Security Manager (ESM) get synchronized with the redundant ESM?

Options:

A.

Every 2 minutes

B.

Every 5 minutes

C.

Every 10 minutes

D.

This is based on manual selection

Buy Now
Question 2

Event Aggregation is performed on which of the following fields?

Options:

A.

Signature ID, Destination IP, User ID

B.

Source IP, Destination IP, User ID

C.

Signature ID, Source IP, Destination IP

D.

Signature ID, Source IP, User ID

Question 3

Internet perimeter firewall data-sources provide excellent visibility into

Options:

A.

backbone Intrusion Prevention System (IPS) detections.

B.

server misbehavior.

C.

inbound port scans

D.

client patch level.

Question 4

Zones allow a user to group devices and the events they generate by

Options:

A.

Geographical location and IP reputation

B.

Geographical reputation and IP Address

C.

Geographical location and IP Address

D.

Geographical location and File reputation

Question 5

A McAfee Event Receiver (ERC) will allow for how many Correlation Data Sources to be configured?

Options:

A.

1

B.

3

C.

5

D.

10

Question 6

In the context of McAfee SIEM, the local protected network address space is a variable referred to as.

Options:

A.

TRUSTED_NET

B.

INTERNAL_NET

C.

EXTERNAL_NET

D.

HOME_NET

Question 7

McAfee's SIEM provides awareness of illicit behavior across multiple internal systems via

Options:

A.

default data-source events.

B.

default correlation events

C.

default alerts.

D.

default reports.

Question 8

Which of the following security technologies sits inline on the network and prevents attacks based on signatures and behavioral analysis that can be configured as a data source within the SIEM?

Options:

A.

Firewall

B.

Email Gateway

C.

Host Intrusion Prevention System

D.

Network Intrusion Prevention System

Question 9

When preparing to apply a patch to the Enterprise Security Manager (ESM) and completing the ESM checklist, the command cat/proc7mdstat has been issued to determine RAID functionally The system returns an active drive result identified as [U J What action should be taken?

Options:

A.

Apply the patch, this is a properly functional RAID which can be upgraded.

B.

Apply the patch, drive 1 is active and can be upgraded.

C.

Apply the patch, drive 2 is active and can be upgraded.

D.

Contact support before proceeding with the upgrade.

Question 10

The McAfee Enterprise Security Manager (ESM) system clock is set to

Options:

A.

International Date Line West.

B.

Daylight Savings Offset.

C.

Greenwich Mean Time.

D.

Geo-Location.

Exam Detail
Vendor: McAfee
Certification: ISCPS SIEM
Exam Code: MA0-104
Last Update: Dec 25, 2024
MA0-104 Question Answers
Page: 1 / 3
Total 70 questions